Monday, February 23rd
Welcome Reception
Hosted by Redwood Collaborative Media
Meet the Futuretest ’09 speakers and your fellow participants in a relaxed and fun setting prior to the formal start of the conference.
Tuesday, February 24
9:00 am – 10:00 am
Web Bloopers – Avoiding Common Design Mistakes
By Jeff Johnson, Author, GUI Bloopers 2.0: Common User Interface Design Don’ts & Dos
Will your Web site pass the test, or will visitors be gnashing their teeth and shaking their fists? Will potential customers ever come back? Avoid the lost revenues and embarrassment of being caught with your Web Bloopers showing. Attend this session and discover all the blunders that might be on your Web site right now.
Based on the book “GUI Bloopers 2.0” and presented by its author, this talk is not just about how to make Web sites pretty, nor is it just another tirade about what is wrong with the Web. It goes in-depth and grapples with challenging usability issues at the heart of many Web bloopers. It offers sound advice on fixing these problems or avoiding them to begin with. Bring your sense of humor; this talk is sprinkled with humorous screen images illustrating common problems and their solutions. It will leave you better able to critically review Websites you develop or test.
Tuesday, February 24
10:00 am – 11:00 am
Embed Security in QA by Breaking Web Apps
By Ryan Townsend, Lead Security Engineer, Time Inc.
Your application works great. Use cases are thoroughly tested, and user acceptance tests pass with flying colors. The business is happy, but is it exposed? Which threatens security more, the latest social networking app or the back-office system that runs your company’s finances? The answer might surprise you.
This session reveals how flaws in Web apps can lead to theft of sensitive information, compromise of data, defacing of a site or crashing it altogether. Learn about injection flaws, cross-site-scripting, and privilege escalation along with methods and white/black-box testing tools to help avoid these common errors. Ajax and Flash security testing will be covered. Learn how embedding security testing in the QA cycle can add more value to testing, decrease time to market and keep your company out of the headlines.
Tuesday, February 24
11:15 am – 12:15 pm
Virtually Stress-Free Testing in the Cloud
By Jinesh Varia, Technology Evangelist, Amazon.com
Software testing is a great use for cloud computing environments. In this session, you’ll hear a discussion from Amazon.com of the latest innovations in cloud computing, including cloud-based software testing and Web services and virtualization. Learn the benefits of an on-demand infrastructure for testing and pay-as-you-go pricing that enables new business models such as usage-based costing.
You’ll hear examples and case-studies of companies that enable testing in the cloud, and new ways of doing automated testing in which the testing infrastructure automatically comes alive every night at 2 am to perform stress-free testing without any upfront investment.
Load-Testing Web Apps in the Cloud
By Patrick Lightbody
Patrick will be demonstrate how cloud computing can be used to load-test web applications. By leveraging the massive scale of this emerging technology, testers will soon be able to test multiple client and server configurations in parallel, drastically reducing testing cycles and cost.
Tuesday, February 24
1:15 pm – 1:45 pm
Application Lifecycle Management
Brad Hipps, Senior Manager of Product Marketing, Software, HP
App Modernization: Benefits, Pressures, and the ALM Response
By Brad Hipps, Senior Manager of Product Marketing for Software, HP
This session will survey the key trends driving an application modernization cycle that according to Gartner research will “extend past the end of this decade.” What are the business drivers behind these trends? And, perhaps more critically, what new demands do these drivers make of the enterprise and what does application lifecycle management (ALM) offer by way of response?
Tuesday, February 24
1:45 pm – 2:45 pm
Managing the Test People
By Judy McKay, Author, Managing the Test People & Consultant/Quality Architect
Adopted from her book of the same name, “Managing the Test People” explores techniques and methods for working through problems unique to the software quality assurance profession. It is intended for managers, test leads and people who may soon find themselves in a technical leadership position.
“Managing the Test People” is real – it’s about the real world where there are real problems and real people, and it provides viable solutions that can actually be implemented. This talk is presented from a practitioner’s viewpoint. You’ll hear real stories illustrating actual concepts and get practical advice for the novice and affirmation for the expert.
Tuesday, February 24
3:15 pm – 3:45 pm
HED: Essentials of Test Data Management
By Bruce Kratz and Todd Nelson
Creating realistic and consistent test databases is the first step in delivering reliable enhancements and upgrades. But with multiple database clones to configure and manage, costs and complexity can quickly spiral out of control. Learn how to reduce storage costs and quicken iterative testing cycles by creating "right-sized" test environments. Learn to automate the comparison of baseline data against successive test run results to quickly identify application errors, streamline test data management, speed delivery of application enhancements and protect confidential test data.
Tuesday, February 24
3:45 pm – 4:45 pm
Testing in Turbulent Times
By Robert Sabourin, President, AmiBug.com
Turbulent weather is characterized by chaotic, seemingly random pattern changes. Turbulent software projects are characterized by chaotic, seemingly random project changes. Dealing with turbulence is about dealing with change, and successful testing teams must contend with continuously changing project requirements, designs, teams, business goals, technologies and organizations.
The dynamics of turbulent projects demand the active participation of testers. Test managers should not just react to change, they should seek out and discover the source of change and then learn how to read the warning signs of change. In this presentation you’ll learn from real experiences how to organize testing projects in highly turbulent contexts based. You’ll learn how to identify context drivers and establish active context listeners. Understand strategies such as test triage, just-in-time testing, exploratory and session-based testing, which can help avoid wasted efforts and keep the focus on getting things done.
This talk is presented in a highly interactive style. WARNING: People in the front few rows may get wet.
Wednesday, February 25
8:45 am – 9:45 am
Testing RIA’s in a Flash
By Kristopher Schultz, Resource Interactive
Competitive pressures keep retail companies and their Web sites in a constant state of change. Budget pressures push teams to update and test faster at less cost. Despite these pressures, few companies have richer, more dynamic retail Web sites than Hewlett-Packard, Sherwin-Williams and Victoria’s Secret.
In this session, you’ll see how the developers and testers of those vibrant RIA-based Websites perform their testing and understand the techniques that enable successful rich internet applications to be deployed quickly and tested effectively.
Wednesday, February 25
9:45 am – 10:45 am
The Cyber Tester: Blending Human and Machine
By Paco Hope, Technical Manager, Cigital
The message is that big, complex test tools are no longer separate from us but are a part of us. Compelling and competitive testers in today’s world are human/machine hybrids who seamlessly leverage tools as never before. In a previous time, we might have been able to separate the tool from the tester and tool’s output from tester’s. But no more. We’re in a new phase of evolution for your test teams, and Paco will explain why these changes are necessary in order to keep pace with expectations that are thrust upon software testers.
Wednesday, February 25
11:00 am – 12:00 pm
Checking the feel of your UI with an interaction audit
Dorelle Rabinowitz, Design Systems Group, eBay
What is the "feel" of your Website? Is the interface smooth and consistent or jagged and unpredictable? Do links always navigate, or do they sometimes pop up overlays, change the state or pull down a menu?
There’s a dizzying variety of UI options available to modern Web designers. This presentation will show you how to evaluate the consistency of your site’s feel by using a recent interaction design audit at eBay. Learn how to collect and catalog the variety of interactions your users encounter, and to take an inventory of your site’s visual cue meanings and behaviors, task flows, and data representations. Use these findings to evaluate the user experience, point up jagged discontinuities and unpredictable behaviors as well as smooth transitions and consistent affordances, paths and representations. Determine if your site’s interactions are consistent, and if its feel aligns with organizational values. Learn from real eBay case study and discuss future extensions of the audit, including development of design patterns and values, and objective and subjective metrics for measuring the feel of a user experience.
Wednesday, February 25
1:00 pm – 1:30 pm
The FutureTest Challenge Winners Panel
Hear the best case studies from your peers. For more information, and or to enter The First Annual FutureTest Challenge, visit www.futuretest.net/challenge.
Wednesday, February 25
1:30 pm – 2:30 pm
Enterprise Security You Can Take to the Bank
By James Apple, Senior Technical Manager, Bank of America
The larger the corporation, the larger the responsibility to protect sensitive consumer data. Ensuring application security in a large corporate environment requires a full SDLC lifecycle approach, scalable tools, a pragmatic mindset and unwavering political support.
In this session you will learn how to gain control of large-scale enterprise systems by combining late-cycle SDLC penetration testing and source code review with proactive training, self-service assessments, and transparent success metrics for each phase of the SDLC. The session will convey methods to include in each SDLC phase, a means to gain political support, ways to stay within a reasonable budget and some shared experiences from an enterprise deployment.
Wednesday, February 25
2:45 pm – 3:45 pm
How HBO Covers its Digital Assets
By Jaswinder Hayre, Program Manager, Application Security, HBO
One of the key security gates that HBO uses to ensure security is the application security assessment (ASA), which takes place during the QA phase. While typical QA processes are focused on validating that the coded application is behaving as it should – by testing against documented use-cases – the ASA process does the opposite. It misuses and abuses the application in as many ways as possible. Which can have interesting results that impact a system’s confidentiality, integrity and availability. Peek inside HBO’s original ASA process in this unique session, and see how the techniques can apply to your business.
Wednesday, February 25
3:45 pm – 4:15 pm
Experience of a New Venture. Building, testing and launching a community-driven site.
By Doron Reuveni, CEO and Co-founder, uTest
Shorter release cycles, smaller budgets and increased competition make it harder than ever to design, develop and test a successful web site or application.
This presentation will discuss one software testing start-up’s foray into the world of website brand creation, design, development and their experience utilizing their own QA community to test their site. We’ll discuss the role a community can play in testing critical items such as layout, functionality and usability.
We’ll also provide tips and techniques for utilizing a community-sourced model to help ensure the quality of your site, while designing and developing a brand, and creating a new market presence.
Finally, we’ll delve into issues one might encounter as a site or application grows - while establishing best practices for website development and testing efforts.
